Vigil@nce: Linux kernel, denial of service of drivers
July 2008 by Vigil@nce
SYNTHESIS
A local attacker can use vulnerabilities of several drivers in
order to create a denial of service.
Gravity: 1/4
Consequences: denial of service of computer
Provenance: user account
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 04/07/2008
Identifier: VIGILANCE-VUL-7928
IMPACTED PRODUCTS
- Linux kernel [confidential versions]
DESCRIPTION
Drivers implemented in following files share the same
vulnerability:
drivers/net/hamradio/6pack.c
drivers/net/hamradio/mkiss.c
drivers/net/irda/irtty-sir.c
drivers/net/ppp_async.c
drivers/net/ppp_synctty.c
drivers/net/slip.c
drivers/net/wan/x25_asy.c
drivers/net/wireless/strip.c
A local attacker can use a NULL function pointer in order to
create a segmentation error.
A local attacker can therefore create a denial of service.
CHARACTERISTICS
Identifiers: CVE-2008-2812, VIGILANCE-VUL-7928